cancel
Showing results for 
Search instead for 
Did you mean: 

F5 load balancing Kubernetes masters

LanceLyons
Altocumulus
Altocumulus

Hi, We are trying to setup an HA kubernetes cluster. We have alot of the work done on this like the etcd cluster setup and complete, etc. We are hoping to load balance the k8 api servers with the f5 but havent been able to get that to work. We have configured the F5 virtual server with IP and port 6443 (normal k8 master api server port) and setup the pools to point to one of the 3 nodes at the moment to make sure we can get it working. We are using Round Robin and no persistence profile. So assuming we have https calls to https://F5_VIP:6443/ that are just being load balanced to the nodes.

 

Is there any documentation on doing this or has this been done before?

 

any guidance would be appreciated.

1 REPLY 1

inaily
Nimbostratus
Nimbostratus

How are you authenticating your clients with the API servers? if using client-certificate authentication, you need to make sure that your F5 virtual server is forwarding the client certificate to the api servers. I used a performance(layer4) VS which will not terminate the TLS connection and will forward the client certificate to the API servers for authentication.